craig_moore
Active participant

authentication method when Gathering inventory from internet facing devices

We are looking to configure gathering inventory from internet facing devices and are working on a solution leveraging our F5 load balancer to redirect external traffic to our internal beacon over https:

The concern the security team has is the authentication mechanism used by the agent to communicate over HTTPS to the beacon and what measures are in place to prevent a bogus device reporting into the beacon.

What is best practice configuration of the beacon to reduce security risk when attempting to gather inventory from internet facing devices.

 

Thanks

Craig

0 Kudos
1 Reply
JohnSorensenDK
Moderator Moderator
Moderator

@craig_moore 

If you haven't already please vote on Please can you support Mutual TLS Authentication (mTLS) supported by FNMS ? and please be aware of Matt's comments underneath.

Thanks,

0 Kudos